Introduction

This is a patch release for Cisco Prime Infrastructure 2.1. This release delivers a number of bug fixes. There are no new features added in this release. However, this release provides a few important enhancements to the existing features. For details, see the “New Features and Enhancements” section.

This patch release must be installed on top of your existing Prime Infrastructure 2.1 installation.

System Requirements

For more information on server and web client requirements, see the System Requirements section of the Cisco Prime Infrastructure 2.1 Quick Start Guide .

Installation Guidelines

The following sections explain how to install the patch.

Before You Begin Installing the Patch

CautionOnce you install this patch, you cannot un-install or remove it.

Because the patch is not removable, it is important to have a way to revert your system to the original version in case hardware or software problems cause the patch installation to fail.

To ensure you can do this, take a backup of your system before downloading and installing this UBF patch.

To revert to the original Prime Infrastructure 2.1 installation, follow these steps:

2. Restore the data from the backup that you made before applying the patch.

Similarly, if you are running Prime Infrastructure 2.1 in a Virtual Machine (VM) and your organization permits taking VM snapshots, use the VMware client to take a VM snapshot before applying this patch. Store the snapshot in an external storage repository, and restore from the snapshot if the patch is unsuccessful.

If you are installing the patch as part of a High Availability (HA) implementation, you will want to ensure that the network links between the two servers provide maximum bandwidth and low latency throughout the patch install. For more information, see Troubleshooting Patch Installs in HA Implementations.

Step 3 Log in to the Prime Infrastructure server using an ID with administrator privileges and choose Administration > Software Update .

Step 4 Click Upload Update File and browse to the location where you saved the patch file. Click OK to upload the file.

Step 5 When the upload is complete:

a. On the Software Upload page, confirm that the Name, Published Date and Description of the patch file are correct.

b. Select the patch file and click Install .

c. You will see a popup message indicating when the installation is complete. You should also see a listing for the patch in the “Updates” table, with a “Yes” opposite the patch under the “Installed” column, and a “Yes” under the “Pending Restart” column.

Step 6 Restart the server by first executing the ncs stop command and then the ncs start command, as explained in Running Commands.

Step 7 Verify that the patch is installed by logging into the server and choosing Administration > Software Update . You should see a listing for the patch in the “Updates” table, with a “Yes” opposite the patch under the “Installed” column, and a “No” under the “Pending Restart” column.

Installing the Patch With High Availability

If you are not using the Prime Infrastructure High Availability (HA) feature, follow the steps in Installing the Patch instead of the steps below

If your current Prime Infrastructure implementation has High Availability enabled, follow the steps below to install the patch. You must start the patch install with the primary server in “Primary Active” state and the secondary server in “Secondary Syncing” state.

a. Run the ncs ha status command on both the primary and secondary servers. You should see the primary server state change from “HA Initializing” to “Primary Active”. You should see the secondary server state change from “Secondary Lost Primary” to “Secondary Syncing”.

b. Log in to the primary server and access its Software Update page as you did earlier. The “Installed” column should show “Yes” and the “Pending Restart” column should show “No” for the installed patch.

c. Access the secondary server’s Health Monitor page as you did earlier. The “Installed” column should show “Yes” and the “Pending Restart” column should show “No” for the installed patch.

Running Commands

You will need to connect to Prime Infrastructure server via the command line interface (CLI) to run commands that:

Stop the server

Start the server

Display the list of running server processes

Display the status of High Availability features on the server

Before you begin, make sure you know the:

IP address or host name of the Prime Infrastructure server or appliance on which you will run the commands.

User ID and password of an administrative user with CLI access to that server or appliance. Unless specifically barred from doing so, all administrative users have CLI access.

a. If you are connecting via a GUI client: Enter the ID of an active Prime Infrastructure administrator ID with CLI access. and the IP address or host name of the Prime Infrastructure server or appliance. Then initiate the connection.

Or

b. If you are using a command-line client or session: Log in with a command like the following:

– IPHost is the IP address or host name of the Prime Infrastructure server or appliance.

Or

c. If you are connecting via the physical or virtual appliance console, a prompt is shown for the administrator user name. Enter the user name.

Prime Infrastructure will prompt you for the password for the administrator ID you entered.

Step 3 Enter the administrative ID password.

Prime Infrastructure will present a command prompt like the following: PIServer/admin#.

Step 4 Run the appropriate commands as needed, using the examples below:

Stop the server: PIServer/admin# ncs stop

Start the server: PIServer/admin# ncs stop

Check on the server status: PIServer/admin# ncs status

Check on High Availability status: PIServer/admin# ncs ha status

Troubleshooting Patch Installs in HA Implementations

Users who apply this patch in a High Availability (HA) implementation may experience difficulties if the network links between the two servers offer low bandwidth and high latency. In particular, this kind of low throughput can cause the post-patch restart and re-registration to take far longer than normal. In most cases, simply waiting longer will fix the problem with no intervention. In a few cases, continued or intermittent throughput problems can cause a complete failure. If you believe this has occurred, contact Cisco TAC.

If you are unable to verify that the patch has been applied to a server, or one or both of the servers fails to re-start properly after the patch, you may need to re-image the server as explained in Before You Begin Installing the Patch before continuing.

In all cases, you can use the backup logs command on one or both servers to get information on the source of the failure.

Upgrading Prime Infrastructure

If you are currently using Prime Infrastructure 2.1, you can apply the Prime Infrastructure 2.1.1 UBF patch.

If you are currently using Prime Infrastructure 2.0 you must first upgrade to Prime Infrastructure 2.1 before applying the Prime Infrastructure 2.1.1 UBF patch.

If you are running releases of Prime Infrastructure earlier than 2.0, first upgrade to Prime Infrastructure 2.1 and then apply this patch.

For detailed information about upgrading from previous releases of Prime Infrastructure, including the list of versions from which you can upgrade, see the Upgrading Cisco Prime Infrastructure section of the Cisco Prime Infrastructure 2.1 Quick Start Guide .

Submitting Feedback

Your feedback will help us improve the quality of our product. To send your feedback, follow these steps:

Step 8 Choose Help > Submit Feedback (in the Classic view) or click the question mark icon at the top right and then click Submit Feedback (in the Lifecycle view). You must configure the email server and then enable data collection to configure the feedback tool.

Non Configurable Features for Wireless LAN Controller Release 8.0

The following Wireless LAN Controller 8.0 software features are not configurable in Prime Infrastructure Release 2.1.1 using the pre-packaged templates. You can use Prime Infrastructure CLI templates or Wireless Controller GUI to configure these features.

Non Configurable Features for Wireless LAN Controller Release 7.6

The following Wireless LAN Controller 7.6 software features are not configurable in Prime Infrastructure Release 2.1.1 using the pre-packaged templates. You can use Prime Infrastructure CLI templates or Wireless Controller GUI to configure these features.

China -H Domain AP700/1600/2600/3600/3700/1042H/L,

Indonesia –F Domain (1530 and 1600 ONLY)

Universal Small Cell Module 5310 for AP 3600.

Non Configurable Features for Wireless LAN Controller Release 7.5

The following Wireless LAN Controller 7.5 software features are not configurable in Prime Infrastructure Release 2.1.1 using the pre-packaged templates. You can use Prime Infrastructure CLI templates or Wireless Controller GUI to configure these features.

Sleeping clients

WLC based Policy classification engine

DNS lookup for Radius and TACACS server

PMIPv6

802.11w

FlexConnect AP authentication support for PEAP/EAP-TLS

FlexConnect AAA ACL

FlexConnect AAA QoS

Application Visibility and Control - downloadable protocol packs

Domain -Z support AP3600

Guest Access Management and web-authentication support

Management frame protection. (802.11w)

FlexConnect VLAN configuration within FlexConnect Groups

Non Configurable Features for Wireless LAN Controller Release 7.4

The following Wireless LAN Controller 7.4 software features are not configurable in Prime Infrastructure Release 2.1.1 using the pre-packaged templates. You can use Prime Infrastructure CLI templates or Wireless Controller GUI to configure these features.

– Rogue Detector—Monitors the rogue access points but does not transmit or contain rogue access points.

– Bridge

–Sniffer—The access point “sniffs” the air on a given channel. It captures and forwards all the packets from the client on that channel to a remote machine that runs AiroPeek (a packet analyzer for IEEE 802.11 wireless LANs). It includes information on timestamp, signal strength, packet size, and so on. If you choose Sniffer as an operation mode, you are required to enter a channel and server IP address on the AP/Radio Templates 802.11b/g/n or 802.11a/n parameters tab.

– SE-Connect—This mode allows a CleanAir-enabled access point to be used extensively for interference detection on all monitored channels. All other functions such as IDS scanning and Wi-Fi are suspended.

VLAN Tagging—VLAN Tagging is supported only from controller version 7.3.1.26. If you change the mode or value of VLAN tagging, the access point will be rebooted. VLAN tagging cannot be enabled when the AP is in Bridge mode. Enabling VLAN tagging will ignore the value of Native VLAN ID.

AP Group Name.

Reboot AP—Select the check box to enable a reboot of the access point after making any other updates.

Power Injector Configuration

Power Injector State—When enabled, this allows you to manipulate power injector settings through Prime Infrastructure without having to go directly to the controllers. If the Enable Power Injector State is selected, power injector options appear.

Power Injector Selection—Choose installed or override from the drop-down list.

Override Global Username Password—Select the check box to enable an override for the global username/password. Enter and confirm the new access point username and password in the appropriate text boxes.

Supplicant Credentials Configuration

Override Supplicant Credentials—Select the Override Supplicant Credentials check box to prevent this access point from inheriting the authentication username and password from the controller. The default value is unselected. The Override Supplicant Credentials option is supported in controller Release 6.0 and later.

– In the Username, Password, and Confirm Password text boxes, enter the unique username and password that you want to assign to this access point.

AP Retransmit Configuration

AP Retransmit Count—Enter the AP Retransmit Count. The AP Retransmit Count default value is 5 and the range is from 3 to 8.

Primary, Secondary, and Tertiary Controller IP—The Primary/Secondary/Tertiary Controller IP is the Management IP of the controller.

Venue Configuration

Venue Group

Venue Type

Secondary Venue Name

Language

Mesh Tab

Use the Mesh tab to set the following parameters for mesh access points:

Bridge Group Name—Enter a bridge group name (up to 10 characters) in the text box.

Note Bridge groups are used to logically group the mesh access points to avoid two networks on the same channel from communicating with each other. For mesh access points to communicate, they must have the same bridge group name. For configurations with multiple RAPs, make sure that all RAPs have the same bridge group name to allow failover from one RAP to another.

Data Rate (Mbps)—Choose the data rate for the backhaul interface from the drop-down list. Data rates available are dictated by the backhaul interface. The default rate is 18 Mbps.

Note This data rate is shared between the mesh access points and is fixed for the whole mesh network. Do not change the data rate for a deployed mesh networking solution.

FlexConnect Tab

Note These options are only available for access points in FlexConnect mode.

– OfficeExtend—The default is Enabled.

Note When you select Enable for the OfficeExtend AP, several configuration changes automatically occur including: encryption and link latency are enabled; rogue detection, SSH access, and Telnet access are disabled.

Note When you enable the OfficeExtend access point, you must configure at least one primary, secondary, and tertiary controller (including name and IP address).

– Least Latency Controller Join—When enabled, the access point switches from a priority order search (primary, secondary, and then tertiary controller) to a search for the controller with the best latency measurement (least latency). The controller with the least latency provides the best performance.

Note The access point only performs this search once when it initially joins the controller. It does not recalculate the latency measurements of primary, secondary, and tertiary controllers once joined to see if the measurements have changed.

– VLAN Support

– Native VLAN ID

Note The valid native VLAN ID range is 1—4094. If you are changing the mode to REAP and if the access point is not already in REAP mode, then all other REAP parameters are not applied on the access point.

Selecting Access Points for Template Deployment

Select one or more access points by selecting their respective check boxes.

Note You can use the Filter feature to search for specific access points. For details see the Filters section of the Cisco Prime Infrastructure User Guide.

Click Deploy to save and deploy the template to the relevant access points.

Click Apply to save and apply the AP/Radio parameters to the selected access points from the search.

Note You can deploy the template using the AP Selection or Schedule tabs.

Scheduling Template Deployment

Allows you to save the current template, apply the current template immediately, or schedule the current template to start the provisioning at the applicable time.

Start Time—Allows you to configure and start the template deployment at a scheduled time.

– Now—Deploys the template right away.

– Date—Enter a date in the text box or use the calendar icon to select a start date.

Recurrence—Select from none, hourly, daily, or weekly to determine how often this scheduling occurs.

Note You can deploy the template using the AP Selection or Schedule tabs.

Viewing the Status of the Template Deployment

Displays all recently applied reports including the apply status and the date and time the apply was initiated. Click the link that is available on the number of access points (next to the Template Deployed to APs field) to view the deployment status information.

AP Utilization Report

This is a new report in Prime Infrastructure 2.1.1, which displays the total utilization trend of access points with the channel and client statistics information on the wireless network. To access this report, choose Report > Report Launch Pad > Device >AP Utilization . This report contains three sub-reports—AP Client Statistics Summary, AP Client Count Summary, and AP Statistics Summary. For information, see the Managing Reports section of the Cisco Prime Infrastructure User Guide .

AP Client Statistics Summary

AP Name—Name of the access point.

Base Radio MAC—Base Radio MAC of the AP.

Slot—Radio Type of the AP.

Peak Throughput (Mbps)—Maximum Throughput seen on sum of traffic generated by all clients connected to the AP.

Average Throughput (Mbps)—Average Throughput seen on sum of traffic generated by all clients connected to AP.

Peak RSSI (dBm)—Maximum RSSI measured at the AP across all the clients connected to the AP over the reporting period.

Average RSSI (dBm)—Average RSSI measured at the AP across all the clients connected to the AP over the reporting period.

Peak SNR (dB)—Maximum SNR measured at the AP across all the clients connected to the AP over the reporting period.

Average SNR (dB)—Average SNR measured at the AP across all the clients connected to the AP over the reporting period.

AP Client Count Summary

AP Name—Name of the access point.

Base Radio MAC—Base Radio MAC of the AP.

Slot—Radio Type of the AP.

Peak Number of Users—Maximum Number of Clients connected to the radio over the reporting period as reported by WLC.

Average Number of Users—Average Number of Clients connected to the radio over the reporting period as reported by WLC.

AP Statistics Summary

AP Name—Name of the access point.

Base Radio MAC—Base Radio MAC of the AP.

Slot—Radio Type of the AP.

Peak Channel Utilization (Percentage)—Maximum Channel utilization in percentage per radio.Channel utilization is a metric that includes Tx utilization, Rx utilization, Interference from other 802.11 radios and noise from non-802.11 sources.

Average Channel Utilization (Percentage)—Average Channel utilization in percentage per radio.Channel utilization is a metric that includes Tx utilization, Rx utilization, Interference from other 802.11 radios and noise from non-802.11 sources.

Peak Packets Retransmission—Peak Number of packets transmitted after retries on each radio over the reporting period.

Average Packets Retransmission—Average Number of packets transmitted after retries on each radio over the reporting period.

Channels in Use—Unique Channel list seen on each Radio over the reporting period. The value in the Channels in Use field will be available only for the last 31 days.

Changes to the Jobs Dashboard Page

In earlier releases of Prime Infrastructure, when you delete a controller, the associated APs are not deleted and remain in the “unassociated” state. When you delete a controller in Prime Infrastructure 2.1.1, you get a message so that you can delete the associated APs. To view the details of the deleted APs which were associated to a controller, choose Administration > Jobs Dashboard (in the Lifecycle view).

When you delete a controller using the Classic view, the following message appears:

To view the details of the deleted APs (which were associated with a controller), choose Configure > Access Points , choose View Delete AP Job(s) from the Select a command drop-down list, and then click Go .

When you delete a controller using the Lifecycle view, the following message appears:

Do you want to delete APs Associated to the selected Devices.

To view the details of the deleted APs which were associated with a controller), choose Administration > Jobs Dashboard .

Important Notes

This section contains important notes about this release of Prime Infrastructure 2.1.1.

After upgrading to Prime Infrastructure 2.1, if you click the Client Details link in the Monitor > Client and Users page, you may encounter an error: “There was an error while parsing and rendering the content”. If you encounter this error, clear the browser cache and retry accessing the Client Details page.

If you are unable to swap the primary/secondary/tertiary controller server IP address and name using template and configuration pages, clear all three primary/secondary/tertiary controller server IP addresses and name, and then save the configuration to the controller. Once the null values are successfully saved to the controller, you can assign new primary/secondary/tertiary server IP address and name.

The Client Throughput and Client Traffic reports show same data when the Report By criteria is set to All Wired or All Wireless where Cisco 3850 or Cisco 3650 devices are available (these devices can be wired and wireless).

Prime Infrastructure identifies Rogue AP by Manual SPT/Auto SPT, but when a user tries to run rogue AP report, Prime Infrastructure fails to show port number of the traced rogue. Prime Infrastructure “Not available or Rogue AP found on wire in switch port trace summary.

With the exception of CSCun19363, CSCun28657, and CSCun82620, all of the open caveats of Prime Infrastructure 2.1 are also applicable for Prime Infrastructure 2.1.1. For the list of open caveats, see the following URL:

Resolved Caveats

Table 4 lists the resolved caveats in Prime Infrastructure Release 2.1.1. Click the identifier to view the impact and workaround for the caveat. This information is displayed in the Bug Search Tool. You can track the status of the resolved caveats using the Bug Search Tool .

Table 4 Resolved Caveats

Identifier

Description

CSCub57283

Deployment of configuration templates fail when the device name is long.

CSCuc34416

Prime Infrastructure sending informational events with no way to prune them.

Subscribe to What’s New in Cisco Product Documentation , which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks . Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.